Why should the same artifact move through environments rather than rebuilding per stage?
CI/CD & GitOps · Advanced level
Answer
The same artifact should move through environments so every test result applies to the exact artifact deployed to production. Rebuilding per stage means production may run code that was never tested, especially if dependencies, base images, or build tools changed.
Technical explanation
Artifacts should be immutable and addressed by version or digest, with metadata linking them to commit SHA and pipeline run.
Jenkins archived artifacts are convenient for diagnostics, but production deployment should consume from a controlled artifact repository or registry.
Security gates should be policy-driven with documented exception handling; otherwise teams will bypass noisy checks.
Provenance should connect repository, commit, workflow identity, artifact digest, signer identity, and deployment environment.
Git history is both collaboration state and audit evidence, so choose merge, rebase, revert, and reset based on whether history is shared.
Short-lived branches reduce merge conflicts and make CI feedback meaningful; long-lived branches increase drift and integration risk.
Hands-on example
1. Design an advanced delivery exercise for: Why should the same artifact move through environments rather than rebuilding per stage using one service, one Git repository, one artifact registry, and one Kubernetes environment.
2. Build once from a protected branch, generate test reports, SBOM, vulnerability scan results, provenance metadata, and a container image tagged by both semantic version and digest.
3. Sign the image or artifact, verify the signature in the deployment pipeline, and promote the same digest through dev, staging, and production without rebuilding.
4. Use progressive exposure where relevant: feature flag off by default, canary 5%, automated metric check for error rate and latency, then expand or rollback.
5. Record audit evidence: PR, approver, pipeline run, artifact digest, SBOM location, signature verification result, deployment event, and rollback or forward-fix decision.
Check how well your resume matches the role with our free resume checker— match score, ATS check, and the skills you're missing.
More CI/CD & GitOps interview questions
- What is CI/CD, and what is the difference between continuous delivery and continuous deployment?
- What are the goals of a CI pipeline beyond just running tests?
- What is Jenkins, and what is the difference between a controller and an agent?
- What is the difference between a freestyle job and a pipeline job in Jenkins?
- What is the difference between a declarative and a scripted Jenkins pipeline?
- What is a Jenkinsfile, and why keep your pipeline as code in the repo?
- Explain the structure of a declarative pipeline (agent, stages, steps, post).
- What is the post section used for, and what are its conditions (success, failure, always)?